Application Security Team Lead

Description

At monday.com, our highest priority is earning and maintaining the trust of over 250,000 customers across 200 industries and territories worldwide. We implement rigorous security measures to ensure our customers' data is always secure and protected.

We are seeking a dynamic and experienced Application Security Team Lead to lead our AppSec team. This team is responsible for ensuring the platform is resilient against application-level attacks, promoting secure development practices, and using industry-leading tools and methodologies.

About The Role

- Lead and mentor a team of AppSec engineers, security architects, and Offensive Security professionals to execute a robust security strategy.

- Collaborate with cross-functional teams and the broader security community to continually improve security processes and practices.

- Drive prioritization, planning, and tracking of AppSec projects while providing regular progress updates to leadership.

- Expand the team by recruiting, onboarding, and developing top talent with a range of expertise and skills.

- Develop and oversee processes for identifying, reporting, and remediating security vulnerabilities within applications.

- Build, maintain, and enhance AppSec tools and integrations to support secure development.

- Collaborate with R&D teams to integrate security best practices across the software development lifecycle (SDLC), including design reviews, code reviews, dynamic analysis, and bug bounty programs.

- Identify and assess application security risks for new projects and ensure security requirements are built into product development from the start.

- Work closely with product teams to deliver enterprise-grade security features and solutions.

- Conduct regular evaluations of architecture, design, and code to identify potential vulnerabilities and security risks.

- Lead and manage incident response operations, ensuring rapid and effective resolution of any security incidents.

Requirements

- Proven leadership experience, with 3+ years managing an AppSec team or 6+ years as an Application Security technical lead.

- 3+ years of hands-on software development experience (advantageous).

- In-depth knowledge of application security vulnerabilities, testing methods, and mitigation techniques.

- Strong familiarity with the OWASP Top 10 and best practices for secure software development.

- Ability to balance the big picture of security with detailed risk assessments and alignment with monday.com’s risk tolerance.

- Experience with enterprise-level security requirements and frameworks.

- Excellent communication and influencing skills, with the ability to build relationships and work effectively with internal and external stakeholders at all levels.

- Strong organizational and prioritization skills, with the ability to work independently and manage cross-team collaboration.

- Experience with cloud-based applications and a deep understanding of the CI/CD process.

- Security certifications such as CISSP, OSCP, CEH, or CSSLP are advantageous.

- Prior experience working closely with product and R&D teams (preferred).

Social Title

Social Description

Our Team

Position Type

About The Team (Internal)

Internal requirements